$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0da87c3-0506-4956-8446-99aab80b63d7.roa File: d0da87c3-0506-4956-8446-99aab80b63d7.roa (raw, json) Hash identifier: Kj+pNjFybMCVERm14d2c00e5suxQmTYBZuE4oiWEb5U= Subject key identifier: 8D:6D:2D:4C:5E:EF:65:2B:1A:9F:A5:C8:33:DF:26:9A:7E:38:C2:DE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6BA6063E609963F494876F8A16F133CFFF510627 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0da87c3-0506-4956-8446-99aab80b63d7.roa Signing time: Tue 29 Jul 2025 00:30:54 +0000 ROA not before: Tue 29 Jul 2025 00:30:54 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:a6:06:3e:60:99:63:f4:94:87:6f:8a:16:f1:33:cf:ff:51:06:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:30:54 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=92a55ca300ac2ad19ba95b5fce49037ea91369e96109ae616cd1134a959258eb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:63:55:3d:d5:21:6b:54:93:93:cb:d3:5f:df: 74:98:8a:2e:e6:3f:d4:0b:91:d0:75:1f:1b:3b:c5: 65:93:a1:c7:a4:22:59:2c:35:88:e3:89:cc:63:25: 4d:fa:85:ed:42:95:82:61:fd:63:67:55:17:2f:f5: 6a:7c:5e:b9:28:c5:dc:2e:ce:d9:fd:d3:20:b6:ca: 57:e5:ca:75:22:29:65:1f:34:77:9a:ca:ae:cd:c4: 87:22:5a:30:8f:0e:31:d7:96:0b:6b:97:98:98:60: bd:98:65:95:d5:9e:a5:71:94:d4:6b:1f:02:f4:96: 34:5f:8a:51:4b:ef:b1:ee:68:9e:30:51:a6:80:96: ea:4f:61:8b:43:52:d6:70:e9:22:36:38:0c:01:fc: 8d:3a:24:48:f5:e2:a2:28:d9:cf:4c:df:18:97:b8: 77:29:58:2c:9a:57:dc:8e:15:66:a0:9d:d6:89:49: ed:fc:3a:0a:2b:b9:3d:f2:79:86:00:97:86:d6:36: fe:b0:0d:36:85:7f:f3:ad:3e:b3:66:e6:04:6c:f7: 3f:b0:1a:29:75:6a:23:a5:63:b1:e8:cd:cf:f8:8f: b5:a8:b2:b2:24:d2:cd:8a:60:c5:7d:47:90:46:13: eb:fc:0d:66:1a:00:4f:3f:34:1d:44:ea:89:69:d6: 3e:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:6D:2D:4C:5E:EF:65:2B:1A:9F:A5:C8:33:DF:26:9A:7E:38:C2:DE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0da87c3-0506-4956-8446-99aab80b63d7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:20c0::/48 Signature Algorithm: sha256WithRSAEncryption 81:e4:2e:b7:b1:5a:62:04:15:43:62:04:65:f7:88:c0:76:6d: ed:2d:ef:96:48:5e:c6:59:eb:a2:41:16:9c:1b:c4:f1:00:ed: 70:0e:be:cc:0c:c4:d9:3e:c8:ad:78:7b:fe:b9:5d:80:23:46: 57:0f:54:24:f0:00:94:13:53:fc:e0:0a:c6:a1:bd:16:07:a3: 09:0d:a3:57:1e:93:ae:a9:21:a3:93:5f:65:0e:96:00:92:6d: 2a:59:c3:ff:0b:40:75:55:d0:2f:a0:0e:f1:0b:6a:df:a8:3a: 56:4a:17:e1:77:a9:19:9a:1f:89:d0:2f:5a:f8:0c:ae:69:4b: 45:4f:16:0f:11:76:fd:75:ba:22:8a:f4:cf:6e:21:80:29:d9: a1:4d:7f:67:42:c5:04:2c:f8:c7:98:c0:6e:0b:16:86:f4:e7: dc:a0:0a:5c:2a:91:00:46:f9:d2:31:ba:90:82:af:c2:7d:36: 94:3e:96:14:05:ba:be:89:df:a3:af:86:aa:a9:38:4d:22:27: 8b:fe:dd:49:69:59:a9:63:8a:94:2b:ec:12:b1:51:4c:e9:d0: 52:46:f0:8d:41:fe:9a:f5:5e:e0:b3:54:9f:c4:d4:03:6d:16: c7:39:4a:d5:95:58:7d:47:71:63:ea:f3:42:0d:52:a5:41:3c: 0b:61:ed:26 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUa6YGPmCZY/SUh2+KFvEzz/9RBicwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMzA1NFoX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAOTJhNTVjYTMwMGFjMmFkMTliYTk1 YjVmY2U0OTAzN2VhOTEzNjllOTYxMDlhZTYxNmNkMTEzNGE5NTkyNThlYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2NVPdUha1STk8vTX990mIou5j/U C5HQdR8bO8Vlk6HHpCJZLDWI44nMYyVN+oXtQpWCYf1jZ1UXL/VqfF65KMXcLs7Z /dMgtspX5cp1IillHzR3msquzcSHIlowjw4x15YLa5eYmGC9mGWV1Z6lcZTUax8C 9JY0X4pRS++x7mieMFGmgJbqT2GLQ1LWcOkiNjgMAfyNOiRI9eKiKNnPTN8Yl7h3 KVgsmlfcjhVmoJ3WiUnt/DoKK7k98nmGAJeG1jb+sA02hX/zrT6zZuYEbPc/sBop dWojpWOx6M3P+I+1qLKyJNLNimDFfUeQRhPr/A1mGgBPPzQdROqJadY+7QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFI1tLUxe72UrGp+lyDPfJpp+OMLeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QwZGE4N2MzLTA1MDYtNDk1Ni04NDQ2LTk5YWFiODBiNjNkNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/yDAMA0GCSqGSIb3DQEBCwUAA4IBAQCB5C63sVpiBBVDYgRl 94jAdm3tLe+WSF7GWeuiQRacG8TxAO1wDr7MDMTZPsiteHv+uV2AI0ZXD1Qk8ACU E1P84ArGob0WB6MJDaNXHpOuqSGjk19lDpYAkm0qWcP/C0B1VdAvoA7xC2rfqDpW Shfhd6kZmh+J0C9a+AyuaUtFTxYPEXb9dboiivTPbiGAKdmhTX9nQsUELPjHmMBu CxaG9OfcoApcKpEARvnSMbqQgq/CfTaUPpYUBbq+id+jr4aqqThNIieL/t1JaVmp Y4qUK+wSsVFM6dBSRvCNQf6a9V7gs1SfxNQDbRbHOUrVlVh9R3Fj6vNCDVKlQTwL Ye0m -----END CERTIFICATE-----Generated at Thu Jul 31 01:04:09 2025 by rpki-client